I migrated a working Hyper-V guest server from one physical server to another by stopping the machine, copying the files manually, then importing by "registering in place".
The import completed and the newly registered machine booted fine on the new physical server.
But the newly moved machine cannot ping anything on the physical network except the host. And nothing on the physical network can ping the newly registered machine.
Yet I know the newly built physical server is accessible on the LAN as I can ping it from another machine on the LAN.
And I know the host and guest should be equally accessible from the LAN, that is to say, if one is accessible then the other certainly should be, because I made the setting in Hyper-V Virtual Network to share the "external" type virtual network with the host machine.
Firewall. I've temporarily disabled firewall on all machines mentioned, the new and old physical servers, the virtual (guest), and the remote machine on the network I'm using to test ping connectivity. I've disabled Windows firewall for all profiles on all machines mentioned!
VLANS. There aren't any. Not on the switches, not on the servers.
All hosts and guests are running Windows Server 2012 R2.
Further steps taken:
Throughout all of the below steps, I regularly checked to ensure newly created virtual NIC on new physical server has correct IP address, as did virtual NIC on guest.
- removed and re-added from scratch the virtual network on new physical server
- toggled the setting "share this connection with the host machine" in Virtual Switch settings.
- removed and re-added from scratch the guest's NIC from the Hyper-V setting and set its static IP address back to original (being careful to define the default gateway and furthermore remove the old hidden network device in guest OS Device Manager)
- repeat the above and use a "legacy network adapter" instead of the standard one
- tested by importing another virtual server due for migration. This time it's a Gen 2 Hyper V guest, as opposed to Gen 1 which I have been working on. No change: the same situation. Host and guest can talk, host and LAN can talk, guest and LAN can not talk!
- verified new Hyper-V configuration exactly mirrors old server's. Every check box in every screen double checked
- always ping IP address not hostname, to rule out DNS
- deleted stale arp records from client used to ping test from LAN
- rebooted physical and virtual repeatedly
- disabled and re-enabled virtual NIC on guest (despite also recreating virtual NIC as above)
Perhaps someone might enlighten me as to which one of the virtualisation gods I have royally enraged today, and how I might make things better?
Best Answer
Host network connectivity and guest network connectivity are almost entirely unrelated except for the physical connection to the network via the pNIC in the host. Allowing the management OS (the host itself) to share the external virtual switch has nothing to do with network connectivity of the guests, except (again) for the physical connection of the pNIC in the host. The pNIC becomes a "bridge" for the vSwitch. Layer 3 connectivity of the host has nothing to do with Layer 3 connectivity of the virtual machine. You're getting hung up on correlating host network connectivity and guest network connectivity. Stop mucking about with the vEthernet adapter and the pNIC on the host.
Mucking with the firewall seems like a desperate measure. There's no reason you should have to disable the Windows Firewall on the host or the virtual machine in order to establish network connectivity on the host or the virtual machine. Turn the Windows Firewall back on on both systems and leave it alone.
Ping isn't a very good first line diagnostic tool anymore for Windows systems because it's disabled by default. Too many people get hung up on troubleshooting why ping doesn't work instead of troubleshooting the actual problem. You need to enable the
File and Printer Sharing (EchoRequest - ICMPv4-Infirewall rule for the appropriate firewall profile if you want to ping a modern Windows system. If you want to use ping as a diagnostic tool then make sure you know whether or not it should work to begin with.All that being said, I might suggest going backward a few steps:
Re-enable the Windows Firewall on the host. Delete the VM. Delete the vSwitch in Hyper-V Manager. Verify host network connectivity (to verify Layer 2 connectivity because, again, Layer 3 connectivity of the host and guest are unrelated). Create a new vSwitch in Hyper-V Manager. Don't muck with the vEthernet adapter or the physical network adapter of the host. Create a new VM for testing. Test network connectivity of new virtual machine, if you have the same problem then stop there and start looking at the host phyiscal network connectivity and your switch. Then re-import the virtual machine in question and test.